2022-12-22 11:22:55 +00:00
|
|
|
package main
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"encoding/json"
|
|
|
|
|
"fmt"
|
|
|
|
|
"os"
|
|
|
|
|
"path/filepath"
|
|
|
|
|
|
|
|
|
|
log "github.com/sirupsen/logrus"
|
|
|
|
|
"github.com/spf13/cobra"
|
|
|
|
|
|
2023-10-04 08:42:47 +00:00
|
|
|
"github.com/crowdsecurity/crowdsec/cmd/crowdsec-cli/require"
|
2023-10-06 11:59:51 +00:00
|
|
|
"github.com/crowdsecurity/crowdsec/pkg/cwhub"
|
2022-12-22 11:22:55 +00:00
|
|
|
)
|
|
|
|
|
|
2024-02-22 10:04:36 +00:00
|
|
|
func (cli *cliConfig) restoreHub(dirPath string) error {
|
2024-02-23 09:37:04 +00:00
|
|
|
cfg := cli.cfg()
|
|
|
|
|
|
|
|
|
|
hub, err := require.Hub(cfg, require.RemoteHub(cfg), nil)
|
2023-11-24 14:57:32 +00:00
|
|
|
if err != nil {
|
2023-10-06 11:59:51 +00:00
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for _, itype := range cwhub.ItemTypes {
|
|
|
|
|
itemDirectory := fmt.Sprintf("%s/%s/", dirPath, itype)
|
|
|
|
|
if _, err = os.Stat(itemDirectory); err != nil {
|
|
|
|
|
log.Infof("no %s in backup", itype)
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
/*restore the upstream items*/
|
|
|
|
|
upstreamListFN := fmt.Sprintf("%s/upstream-%s.json", itemDirectory, itype)
|
2024-01-03 09:55:41 +00:00
|
|
|
|
2023-10-06 11:59:51 +00:00
|
|
|
file, err := os.ReadFile(upstreamListFN)
|
|
|
|
|
if err != nil {
|
2024-02-22 10:04:36 +00:00
|
|
|
return fmt.Errorf("error while opening %s: %w", upstreamListFN, err)
|
2023-10-06 11:59:51 +00:00
|
|
|
}
|
2024-01-03 09:55:41 +00:00
|
|
|
|
2023-10-06 11:59:51 +00:00
|
|
|
var upstreamList []string
|
2024-01-03 09:55:41 +00:00
|
|
|
|
2023-10-06 11:59:51 +00:00
|
|
|
err = json.Unmarshal(file, &upstreamList)
|
|
|
|
|
if err != nil {
|
2024-02-22 10:04:36 +00:00
|
|
|
return fmt.Errorf("error unmarshaling %s: %w", upstreamListFN, err)
|
2023-10-06 11:59:51 +00:00
|
|
|
}
|
2024-01-03 09:55:41 +00:00
|
|
|
|
2023-10-06 11:59:51 +00:00
|
|
|
for _, toinstall := range upstreamList {
|
2023-11-24 14:57:32 +00:00
|
|
|
item := hub.GetItem(itype, toinstall)
|
|
|
|
|
if item == nil {
|
|
|
|
|
log.Errorf("Item %s/%s not found in hub", itype, toinstall)
|
|
|
|
|
continue
|
|
|
|
|
}
|
2024-01-03 09:55:41 +00:00
|
|
|
|
2024-02-22 10:04:36 +00:00
|
|
|
if err = item.Install(false, false); err != nil {
|
2023-10-06 11:59:51 +00:00
|
|
|
log.Errorf("Error while installing %s : %s", toinstall, err)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*restore the local and tainted items*/
|
|
|
|
|
files, err := os.ReadDir(itemDirectory)
|
|
|
|
|
if err != nil {
|
2024-02-22 10:04:36 +00:00
|
|
|
return fmt.Errorf("failed enumerating files of %s: %w", itemDirectory, err)
|
2023-10-06 11:59:51 +00:00
|
|
|
}
|
2024-01-03 09:55:41 +00:00
|
|
|
|
2023-10-06 11:59:51 +00:00
|
|
|
for _, file := range files {
|
2024-02-22 10:04:36 +00:00
|
|
|
// this was the upstream data
|
2023-10-06 11:59:51 +00:00
|
|
|
if file.Name() == fmt.Sprintf("upstream-%s.json", itype) {
|
|
|
|
|
continue
|
|
|
|
|
}
|
2024-01-03 09:55:41 +00:00
|
|
|
|
2023-11-24 14:57:32 +00:00
|
|
|
if itype == cwhub.PARSERS || itype == cwhub.POSTOVERFLOWS {
|
2024-02-22 10:04:36 +00:00
|
|
|
// we expect a stage here
|
2023-10-06 11:59:51 +00:00
|
|
|
if !file.IsDir() {
|
|
|
|
|
continue
|
|
|
|
|
}
|
2024-01-03 09:55:41 +00:00
|
|
|
|
2023-10-06 11:59:51 +00:00
|
|
|
stage := file.Name()
|
2024-02-23 09:37:04 +00:00
|
|
|
stagedir := fmt.Sprintf("%s/%s/%s/", cfg.ConfigPaths.ConfigDir, itype, stage)
|
2023-10-06 11:59:51 +00:00
|
|
|
log.Debugf("Found stage %s in %s, target directory : %s", stage, itype, stagedir)
|
2024-01-03 09:55:41 +00:00
|
|
|
|
2023-10-06 11:59:51 +00:00
|
|
|
if err = os.MkdirAll(stagedir, os.ModePerm); err != nil {
|
2024-02-22 10:04:36 +00:00
|
|
|
return fmt.Errorf("error while creating stage directory %s: %w", stagedir, err)
|
2023-10-06 11:59:51 +00:00
|
|
|
}
|
2024-01-03 09:55:41 +00:00
|
|
|
|
|
|
|
|
// find items
|
2023-10-06 11:59:51 +00:00
|
|
|
ifiles, err := os.ReadDir(itemDirectory + "/" + stage + "/")
|
|
|
|
|
if err != nil {
|
2024-02-22 10:04:36 +00:00
|
|
|
return fmt.Errorf("failed enumerating files of %s: %w", itemDirectory+"/"+stage, err)
|
2023-10-06 11:59:51 +00:00
|
|
|
}
|
2024-02-22 10:04:36 +00:00
|
|
|
|
|
|
|
|
// finally copy item
|
2023-10-06 11:59:51 +00:00
|
|
|
for _, tfile := range ifiles {
|
|
|
|
|
log.Infof("Going to restore local/tainted [%s]", tfile.Name())
|
|
|
|
|
sourceFile := fmt.Sprintf("%s/%s/%s", itemDirectory, stage, tfile.Name())
|
2024-01-03 09:55:41 +00:00
|
|
|
|
2023-10-06 11:59:51 +00:00
|
|
|
destinationFile := fmt.Sprintf("%s%s", stagedir, tfile.Name())
|
|
|
|
|
if err = CopyFile(sourceFile, destinationFile); err != nil {
|
2024-02-22 10:04:36 +00:00
|
|
|
return fmt.Errorf("failed copy %s %s to %s: %w", itype, sourceFile, destinationFile, err)
|
2023-10-06 11:59:51 +00:00
|
|
|
}
|
2024-01-03 09:55:41 +00:00
|
|
|
|
2023-10-06 11:59:51 +00:00
|
|
|
log.Infof("restored %s to %s", sourceFile, destinationFile)
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
log.Infof("Going to restore local/tainted [%s]", file.Name())
|
|
|
|
|
sourceFile := fmt.Sprintf("%s/%s", itemDirectory, file.Name())
|
2024-02-23 09:37:04 +00:00
|
|
|
destinationFile := fmt.Sprintf("%s/%s/%s", cfg.ConfigPaths.ConfigDir, itype, file.Name())
|
2024-02-22 10:04:36 +00:00
|
|
|
|
2023-10-06 11:59:51 +00:00
|
|
|
if err = CopyFile(sourceFile, destinationFile); err != nil {
|
2024-02-22 10:04:36 +00:00
|
|
|
return fmt.Errorf("failed copy %s %s to %s: %w", itype, sourceFile, destinationFile, err)
|
2023-10-06 11:59:51 +00:00
|
|
|
}
|
2024-02-22 10:04:36 +00:00
|
|
|
|
2023-10-06 11:59:51 +00:00
|
|
|
log.Infof("restored %s to %s", sourceFile, destinationFile)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2024-01-03 09:55:41 +00:00
|
|
|
|
2023-10-06 11:59:51 +00:00
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2023-10-02 11:31:04 +00:00
|
|
|
/*
|
|
|
|
|
Restore crowdsec configurations to directory <dirPath>:
|
2022-12-22 11:22:55 +00:00
|
|
|
|
|
|
|
|
- Main config (config.yaml)
|
|
|
|
|
- Profiles config (profiles.yaml)
|
|
|
|
|
- Simulation config (simulation.yaml)
|
|
|
|
|
- Backup of API credentials (local API and online API)
|
|
|
|
|
- List of scenarios, parsers, postoverflows and collections that are up-to-date
|
|
|
|
|
- Tainted/local/out-of-date scenarios, parsers, postoverflows and collections
|
2023-10-02 11:31:04 +00:00
|
|
|
- Acquisition files (acquis.yaml, acquis.d/*.yaml)
|
2022-12-22 11:22:55 +00:00
|
|
|
*/
|
2024-02-22 10:04:36 +00:00
|
|
|
func (cli *cliConfig) restore(dirPath string) error {
|
2022-12-22 11:22:55 +00:00
|
|
|
var err error
|
|
|
|
|
|
2024-02-23 09:37:04 +00:00
|
|
|
cfg := cli.cfg()
|
|
|
|
|
|
2024-02-22 10:04:36 +00:00
|
|
|
backupMain := fmt.Sprintf("%s/config.yaml", dirPath)
|
|
|
|
|
if _, err = os.Stat(backupMain); err == nil {
|
2024-02-23 09:37:04 +00:00
|
|
|
if cfg.ConfigPaths != nil && cfg.ConfigPaths.ConfigDir != "" {
|
|
|
|
|
if err = CopyFile(backupMain, fmt.Sprintf("%s/config.yaml", cfg.ConfigPaths.ConfigDir)); err != nil {
|
|
|
|
|
return fmt.Errorf("failed copy %s to %s: %w", backupMain, cfg.ConfigPaths.ConfigDir, err)
|
2022-12-22 11:22:55 +00:00
|
|
|
}
|
|
|
|
|
}
|
2024-02-22 10:04:36 +00:00
|
|
|
}
|
2022-12-22 11:22:55 +00:00
|
|
|
|
2024-02-22 10:04:36 +00:00
|
|
|
// Now we have config.yaml, we should regenerate config struct to have rights paths etc
|
2024-02-23 09:37:04 +00:00
|
|
|
ConfigFilePath = fmt.Sprintf("%s/config.yaml", cfg.ConfigPaths.ConfigDir)
|
2024-02-06 09:50:28 +00:00
|
|
|
|
2024-02-22 10:04:36 +00:00
|
|
|
log.Debug("Reloading configuration")
|
2022-12-22 11:22:55 +00:00
|
|
|
|
2024-02-22 10:04:36 +00:00
|
|
|
csConfig, _, err = loadConfigFor("config")
|
|
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf("failed to reload configuration: %w", err)
|
|
|
|
|
}
|
2022-12-22 11:22:55 +00:00
|
|
|
|
2024-02-23 09:37:04 +00:00
|
|
|
cfg = cli.cfg()
|
|
|
|
|
|
2024-02-22 10:04:36 +00:00
|
|
|
backupCAPICreds := fmt.Sprintf("%s/online_api_credentials.yaml", dirPath)
|
|
|
|
|
if _, err = os.Stat(backupCAPICreds); err == nil {
|
2024-02-23 09:37:04 +00:00
|
|
|
if err = CopyFile(backupCAPICreds, cfg.API.Server.OnlineClient.CredentialsFilePath); err != nil {
|
|
|
|
|
return fmt.Errorf("failed copy %s to %s: %w", backupCAPICreds, cfg.API.Server.OnlineClient.CredentialsFilePath, err)
|
2022-12-22 11:22:55 +00:00
|
|
|
}
|
2024-02-22 10:04:36 +00:00
|
|
|
}
|
2022-12-22 11:22:55 +00:00
|
|
|
|
2024-02-22 10:04:36 +00:00
|
|
|
backupLAPICreds := fmt.Sprintf("%s/local_api_credentials.yaml", dirPath)
|
|
|
|
|
if _, err = os.Stat(backupLAPICreds); err == nil {
|
2024-02-23 09:37:04 +00:00
|
|
|
if err = CopyFile(backupLAPICreds, cfg.API.Client.CredentialsFilePath); err != nil {
|
|
|
|
|
return fmt.Errorf("failed copy %s to %s: %w", backupLAPICreds, cfg.API.Client.CredentialsFilePath, err)
|
2022-12-22 11:22:55 +00:00
|
|
|
}
|
2024-02-22 10:04:36 +00:00
|
|
|
}
|
2022-12-22 11:22:55 +00:00
|
|
|
|
2024-02-22 10:04:36 +00:00
|
|
|
backupProfiles := fmt.Sprintf("%s/profiles.yaml", dirPath)
|
|
|
|
|
if _, err = os.Stat(backupProfiles); err == nil {
|
2024-02-23 09:37:04 +00:00
|
|
|
if err = CopyFile(backupProfiles, cfg.API.Server.ProfilesPath); err != nil {
|
|
|
|
|
return fmt.Errorf("failed copy %s to %s: %w", backupProfiles, cfg.API.Server.ProfilesPath, err)
|
2022-12-22 11:22:55 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
backupSimulation := fmt.Sprintf("%s/simulation.yaml", dirPath)
|
|
|
|
|
if _, err = os.Stat(backupSimulation); err == nil {
|
2024-02-23 09:37:04 +00:00
|
|
|
if err = CopyFile(backupSimulation, cfg.ConfigPaths.SimulationFilePath); err != nil {
|
|
|
|
|
return fmt.Errorf("failed copy %s to %s: %w", backupSimulation, cfg.ConfigPaths.SimulationFilePath, err)
|
2022-12-22 11:22:55 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*if there is a acquisition dir, restore its content*/
|
2024-02-23 09:37:04 +00:00
|
|
|
if cfg.Crowdsec.AcquisitionDirPath != "" {
|
|
|
|
|
if err = os.MkdirAll(cfg.Crowdsec.AcquisitionDirPath, 0o700); err != nil {
|
|
|
|
|
return fmt.Errorf("error while creating %s: %w", cfg.Crowdsec.AcquisitionDirPath, err)
|
2022-12-22 11:22:55 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// if there was a single one
|
|
|
|
|
backupAcquisition := fmt.Sprintf("%s/acquis.yaml", dirPath)
|
|
|
|
|
if _, err = os.Stat(backupAcquisition); err == nil {
|
|
|
|
|
log.Debugf("restoring backup'ed %s", backupAcquisition)
|
|
|
|
|
|
2024-02-23 09:37:04 +00:00
|
|
|
if err = CopyFile(backupAcquisition, cfg.Crowdsec.AcquisitionFilePath); err != nil {
|
|
|
|
|
return fmt.Errorf("failed copy %s to %s: %w", backupAcquisition, cfg.Crowdsec.AcquisitionFilePath, err)
|
2022-12-22 11:22:55 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2024-02-06 09:50:28 +00:00
|
|
|
// if there are files in the acquis backup dir, restore them
|
2022-12-22 11:22:55 +00:00
|
|
|
acquisBackupDir := filepath.Join(dirPath, "acquis", "*.yaml")
|
|
|
|
|
if acquisFiles, err := filepath.Glob(acquisBackupDir); err == nil {
|
|
|
|
|
for _, acquisFile := range acquisFiles {
|
2024-02-23 09:37:04 +00:00
|
|
|
targetFname, err := filepath.Abs(cfg.Crowdsec.AcquisitionDirPath + "/" + filepath.Base(acquisFile))
|
2022-12-22 11:22:55 +00:00
|
|
|
if err != nil {
|
2023-06-22 13:01:34 +00:00
|
|
|
return fmt.Errorf("while saving %s to %s: %w", acquisFile, targetFname, err)
|
2022-12-22 11:22:55 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
log.Debugf("restoring %s to %s", acquisFile, targetFname)
|
|
|
|
|
|
2023-06-08 13:08:51 +00:00
|
|
|
if err = CopyFile(acquisFile, targetFname); err != nil {
|
2024-02-22 10:04:36 +00:00
|
|
|
return fmt.Errorf("failed copy %s to %s: %w", acquisFile, targetFname, err)
|
2022-12-22 11:22:55 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2024-02-23 09:37:04 +00:00
|
|
|
if cfg.Crowdsec != nil && len(cfg.Crowdsec.AcquisitionFiles) > 0 {
|
|
|
|
|
for _, acquisFile := range cfg.Crowdsec.AcquisitionFiles {
|
2022-12-22 11:22:55 +00:00
|
|
|
log.Infof("backup filepath from dir -> %s", acquisFile)
|
|
|
|
|
|
|
|
|
|
// if it was the default one, it has already been backed up
|
2024-02-23 09:37:04 +00:00
|
|
|
if cfg.Crowdsec.AcquisitionFilePath == acquisFile {
|
2022-12-22 11:22:55 +00:00
|
|
|
log.Infof("skip this one")
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
targetFname, err := filepath.Abs(filepath.Join(acquisBackupDir, filepath.Base(acquisFile)))
|
|
|
|
|
if err != nil {
|
2023-06-22 13:01:34 +00:00
|
|
|
return fmt.Errorf("while saving %s to %s: %w", acquisFile, acquisBackupDir, err)
|
2022-12-22 11:22:55 +00:00
|
|
|
}
|
|
|
|
|
|
2023-06-08 13:08:51 +00:00
|
|
|
if err = CopyFile(acquisFile, targetFname); err != nil {
|
2024-02-22 10:04:36 +00:00
|
|
|
return fmt.Errorf("failed copy %s to %s: %w", acquisFile, targetFname, err)
|
2022-12-22 11:22:55 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
log.Infof("Saved acquis %s to %s", acquisFile, targetFname)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2024-02-22 10:04:36 +00:00
|
|
|
if err = cli.restoreHub(dirPath); err != nil {
|
|
|
|
|
return fmt.Errorf("failed to restore hub config: %w", err)
|
2022-12-22 11:22:55 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2024-02-22 10:04:36 +00:00
|
|
|
func (cli *cliConfig) newRestoreCmd() *cobra.Command {
|
|
|
|
|
cmd := &cobra.Command{
|
2022-12-22 11:22:55 +00:00
|
|
|
Use: `restore "directory"`,
|
|
|
|
|
Short: `Restore config in backup "directory"`,
|
|
|
|
|
Long: `Restore the crowdsec configuration from specified backup "directory" including:
|
|
|
|
|
|
|
|
|
|
- Main config (config.yaml)
|
|
|
|
|
- Simulation config (simulation.yaml)
|
|
|
|
|
- Profiles config (profiles.yaml)
|
|
|
|
|
- List of scenarios, parsers, postoverflows and collections that are up-to-date
|
|
|
|
|
- Tainted/local/out-of-date scenarios, parsers, postoverflows and collections
|
|
|
|
|
- Backup of API credentials (local API and online API)`,
|
|
|
|
|
Args: cobra.ExactArgs(1),
|
|
|
|
|
DisableAutoGenTag: true,
|
2024-02-22 10:04:36 +00:00
|
|
|
RunE: func(_ *cobra.Command, args []string) error {
|
|
|
|
|
dirPath := args[0]
|
2022-12-22 11:22:55 +00:00
|
|
|
|
2024-02-22 10:04:36 +00:00
|
|
|
if err := cli.restore(dirPath); err != nil {
|
|
|
|
|
return fmt.Errorf("failed to restore config from %s: %w", dirPath, err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
},
|
|
|
|
|
}
|
2022-12-22 11:22:55 +00:00
|
|
|
|
2024-02-22 10:04:36 +00:00
|
|
|
return cmd
|
2022-12-22 11:22:55 +00:00
|
|
|
}
|
